Skip to main content
  1. News
  2. Politics
  3. Policy & Issues

Homeland Security advisory issued to Microsoft Internet Explorer users

See also

On Monday, the United States Department of Homeland Security issued an advisory to Americans about a serious security flaw affecting Microsoft's Internet Explorer browser, urging IE users to use another Web browser until the bug is fixed.

The U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) said on Monday the vulnerability affects IE versions 6 through 11 and could lead to the complete compromise of an affected system.

In a similar alert, the United Kingdom National Computer Emergency Response Team issued an advisory to British computer users as well.

Reuters reports that the bug is the first high-profile computer threat to emerge since Microsoft stopped providing updates for Windows XP earlier in April. Therefore, computers running the 13-year-old operating system will remain unprotected, even after Microsoft releases updates to defend against it.

The malicious virus enters via corrupted Adobe Flash file to attack the victim's computer. IE users, according to cyber security experts can avoid it by turning off Adobe Flash.

Monday morning's CERT alert advises IE browser users to consider using an alternative browser until Microsoft issues a patch.

"US-CERT recommends that users and administrators enable Microsoft EMET where possible and consider employing an alternative web browser until an official update is available."

Cyber hackers insert a code into "everyday websites" visited by unsuspected victims, then infects their computers.

"It's called a watering hole attack because if you're a lion, you go to the watering hole because you know that's where the animals go to drink."

The bug was first announced on Saturday by FireEye Research Labs, where researchers say the hackers are calling their campaign "Operation Clandestine Fox."

On April 8, Microsoft ended support to both the Windows XP operating system and Office 2003 product lines. Subsequently, the products no longer receive security patches which help protect PCs from harmful viruses, spyware, and other malicious software.

US-CERT issues an Alert (TA14-069A) on March 10, 2014 that computer systems running the unsupported software would be exposed to an elevated risk to cybersecurity dangers, such as malicious attacks or electronic data loss.

The March 10th CERT Alert (TA14-069A) further stated:

"Users may also encounter problems with software and hardware compatibility since new software applications and hardware devices may not be built for Windows XP or Office 2003."

Advertisement

News

  •  Day 17
    Israel continues their ravaging bombardment on Gaza as the conflict wages on
    Video
    Video
  • MH17 victims arrive home
    40 bodies of the MH17 plane crash return to a somber homecoming in Holland
    Top News
  • Military advisers to Ukraine
    President Obama announces the deployment of military advisers to Ukraine
    Politics
  • Bubonic plague in China
    A bubonic plague outbreak in Yumen prompts China to quarantine the city
    World News
  • Air Algierie disappearance
    A flight headed from Burkina Faso to Algeria disappears from radar over Mali
    Headlines
  • Windows Phone training portal
    Microsoft launches Windows Phone training portal in attempt to woo consumers
    Tech